| title | description | author | ms.author | ms.reviewer | ms.service | ms.topic | ms.date |
|---|---|---|---|---|---|---|---|
Enterprise Security Package for Azure HDInsight |
Learn the Enterprise Security Package components and versions in Azure HDInsight. |
hrasheed-msft |
hrasheed |
jasonh |
hdinsight |
conceptual |
05/08/2020 |
Enterprise Security is an optional package that you can add on your HDInsight cluster as part of create cluster workflow. The Enterprise Security Package supports:
-
Integration with Active Directory for authentication.
In the past, you created HDInsight clusters with local admin user and local SSH user. The local admin user can access all the files, folders, tables, and columns. With Enterprise Security Package, you enable Azure role-based access control by integrating HDInsight with your Azure Active Directory Domain Services.
For more information, see:
-
Authorization for data
-
Integration with Apache Ranger for authorization for Hive, Spark SQL, and Yarn Queues.
-
You can set access control on files and folders.
For more information, see Configure Apache Hive policies in Domain-joined HDInsight
-
-
View the audit logs to monitor accesses and the configured policies.
Currently, only the following cluster types support the Enterprise Security Package:
- Hadoop (HDInsight 3.6 only)
- Spark
- Kafka
- HBase
- Interactive Query
The Enterprise Security Package supports using Azure Data Lake Storage as both the primary storage and the add-on storage.
For information on pricing and SLA for the Enterprise Security Package, see HDInsight pricing.